Reviewed: https://review.openstack.org/624216 Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=6037ac58de0fe599df9220a068e1ef054194187a Submitter: Zuul Branch: master
commit 6037ac58de0fe599df9220a068e1ef054194187a Author: Lance Bragstad <[email protected]> Date: Mon Dec 10 18:45:25 2018 +0000 Implement system member role project test coverage This commit introduces explicit test coverage for system members, making sure they are allowed to do readable and not writable project operations. Subsequent patches will incorporate: - system admin functionality - domain reader functionality - domain member test coverage - domain admin functionality - project user test coverage Change-Id: I69ff308ea528d54e0db8e475d047e3dbf356ed2f Related-Bug: 1805403 Related-Bug: 1750660 Related-Bug: 1806762 ** Changed in: keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1805403 Title: Project API doesn't use default roles Status in OpenStack Identity (keystone): Fix Released Bug description: In Rocky, keystone implemented support to ensure at least three default roles were available [0]. The projects API doesn't incorporate these defaults into its default policies [1], but it should. [0] http://specs.openstack.org/openstack/keystone-specs/specs/keystone/rocky/define-default-roles.html [1] http://git.openstack.org/cgit/openstack/keystone/tree/keystone/common/policies/project.py?id=fb73912d87b61c419a86c0a9415ebdcf1e186927 To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1805403/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
